Multiple vulnerabilities in Apple iOS 18 and iPadOS 18
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 29 |
| CVE-ID | CVE-2025-24117 CVE-2025-24150 CVE-2025-24162 CVE-2025-24158 CVE-2025-24143 CVE-2025-24154 CVE-2025-24145 CVE-2025-24149 CVE-2025-24113 CVE-2025-24128 CVE-2024-9956 CVE-2025-24104 CVE-2025-24166 CVE-2025-24159 CVE-2025-24141 CVE-2025-24107 CVE-2025-24086 CVE-2025-24085 CVE-2025-24124 CVE-2025-24123 CVE-2025-24163 CVE-2025-24161 CVE-2025-24160 CVE-2025-24127 CVE-2025-24137 CVE-2025-24177 CVE-2025-24131 CVE-2025-24129 CVE-2025-24126 |
| CWE-ID | CWE-200 CWE-78 CWE-20 CWE-119 CWE-787 CWE-532 CWE-125 CWE-451 CWE-358 CWE-61 CWE-264 CWE-287 CWE-416 CWE-843 CWE-476 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #18 is being exploited in the wild. |
| Vulnerable software |
iPadOS Operating systems & Components / Operating system Apple iOS Operating systems & Components / Operating system |
| Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains information about 29 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU103346
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24117
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in LaunchServices. A local application can fingerprint the user.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3 External linkshttp://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) OS Command Injection
EUVDB-ID: #VU103355
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24150
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in WebKit Web Inspector. A remote attacker can trick the victim into copying a specially crafted URL from the WebKit Web Inspector and execute arbitrary OS commands on the system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU103354
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24162
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in WebKit. A remote attacker can trick the victim into visiting a specially crafted website and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU103353
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24158
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when handling HTML content in WebKit. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU103352
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24143
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to fingerprint users.
The vulnerability exists due to excessive data output by WebKit. A remote attacker can trick the victim into visiting a specially crafted website and fingerprint the user.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds write
EUVDB-ID: #VU103358
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24154
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error when processing untrusted input in WebContentFilter. A remote attacker can trick the victim into opening a specially crafted file, trigger an out-of-bounds write and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU103357
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24145
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to Time Zone stores sensitive information into log files. A local application can view a contact's phone number in system logs.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds read
EUVDB-ID: #VU103356
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24149
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in SceneKit. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Spoofing attack
EUVDB-ID: #VU103350
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24113
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in Safari. A remote attacker can trick the victim into visiting a specially crafted website and spoof the page content.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Spoofing attack
EUVDB-ID: #VU103351
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24128
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in Safari. A remote attacker can trick the victim into clicking on a specially crafted URL and spoof the browser's address bar.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improperly implemented security check for standard
EUVDB-ID: #VU98692
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-9956
CWE-ID:
CWE-358 - Improperly Implemented Security Check for Standard
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to incorrect implementation in Web Authentication in Google Chrome. A remote attacker can create a specially crafted web page, trick the victim into visiting it and gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) UNIX symbolic link following
EUVDB-ID: #VU103348
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24104
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue in Managed Configuration when restoring data from a specially crafted backup file. A local user can overwrite protected filesystem files and escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Input validation error
EUVDB-ID: #VU103347
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24166
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in libxslt. A remote attacker can trick the victim into visiting a specially crafted website and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU103345
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24159
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions within the OS kernel. A local application can execute arbitrary code with kernel privileges. MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper authentication
EUVDB-ID: #VU103331
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24141
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass lock screen.
The vulnerability exists due to improper authentication within the Accessibility feature. An attacker with physical access to device can access Photos while the app is locked.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU103344
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24107
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper access restrictions within the OS kernel. A local application can execute arbitrary code with root privileges.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Buffer overflow
EUVDB-ID: #VU103343
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24086
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in ImageIO. A remote attacker can trick the victim into opening a specially crafted file, trigger memory corruption and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Use-after-free
EUVDB-ID: #VU103330
Risk: High
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2025-24085
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in CoreMedia. A local application can execute arbitrary code with elevated privileges.
Note, the vulnerability is being actively exploited in the wild. MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
19) Input validation error
EUVDB-ID: #VU103342
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24124
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreMedia. A remote attacker can trick the victim into opening a specially crafted file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Input validation error
EUVDB-ID: #VU103341
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24123
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreMedia. A remote attacker can trick the victim into opening a specially crafted file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Input validation error
EUVDB-ID: #VU103340
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24163
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreAudio. A remote attacker can trick the victim into opening a specially crafted media file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Input validation error
EUVDB-ID: #VU103339
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24161
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreAudio. A remote attacker can trick the victim into opening a specially crafted media file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Input validation error
EUVDB-ID: #VU103338
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24160
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CoreAudio. A remote attacker can trick the victim into opening a specially crafted media file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Input validation error
EUVDB-ID: #VU103337
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-24127
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in ARKit. A remote attacker can trick the victim into opening a specially crafted file and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Type Confusion
EUVDB-ID: #VU103336
Risk: High
CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24137
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in AirPlay. A remote attacker can send specially crafted packets to the device, trigger a type confusion error and execute arbitrary code on the target system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) NULL pointer dereference
EUVDB-ID: #VU103335
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24177
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in AirPlay. A remote attacker on the local network can send specially crafted packets to the device and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Buffer overflow
EUVDB-ID: #VU103334
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24131
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in AirPlay. A remote attacker on the local network can send specially crafted packets to the device, trigger memory corruption and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Type Confusion
EUVDB-ID: #VU103333
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24129
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error in AirPlay. A remote attacker on the local network can send specially crafted packets to the device, trigger a type confusion error and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Buffer overflow
EUVDB-ID: #VU103332
Risk: High
CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24126
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in AirPlay. A remote attacker on the local network can send specially crafted input to the device, trigger memory corruption and execute arbitrary code on the target system.
Install update from vendor's website.
Vulnerable software versionsiPadOS: 18.0 22A3354 - 18.2 22C152
Apple iOS: 18.0 22A3354 - 18.2 22C152
CPE2.3http://support.apple.com/en-us/122066
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
